Ronald Reagan had a talent for memorable phrases. One of my favourite quotes from the former US president is ‘Trust but verify’. He used it refer to nuclear disarmament talks, but it works just as well for ratings agencies.

The entire credit rating industry is based on the premise that the agencies are better placed to assess credit risk than lesser mortals. Agencies often receive material non-public information (MNPI, better known as inside information) from securities issuers as part of their research. We are supposed to have faith that this non-public data, which we will never see, has been correctly used in assessing the creditworthiness of the issuer.


Peter Reilly is a member of the Bailey Network, a group of former analysts and investors who are now consulting in the reporting space

There is usually no appeals process, so the rated company has no redress

Veil of secrecy

Maybe it’s just me, but I have an immediate problem when I am told ‘just trust me on this’, especially when there is an apparent conflict of interest. There is a credible potential defence that the MNPI may be commercially sensitive, but we will never know for sure. It all occurs under a veil of secrecy.

Something similar but even less satisfactory is happening with ratings for resilience to long-term environmental, social and governance (ESG) risks. ESG rating is a new and entirely unregulated industry that is shrouded in secrecy. The investing public is allowed to know how a certain company has been rated against various ESG metrics but not how the agency derived the rating.

It would matter less if it was clear that the ESG agencies were doing a good and useful job

It’s worth stopping for a moment and reflecting on just how dysfunctional this is. A bad rating can cause damage to a company’s share price and reputation without anyone, even the company, knowing what has caused the poor result. There is usually no appeals process, so the rated company has no redress. Investors who own the shares may feel they have to sell, without knowing what the company has done wrong, let alone whether it is doing anything about it.

It gets worse. Some ESG rating agencies offer consultancy services to help poorly rated companies improve their scores. I can visualise the sales pitch. ‘We have given you a poor score. We won’t tell you why, but spend some money with us and you’ll get a better one next time.’

It is of course possible that all this is done in a wholly ethical way, but the optics are not good, to put it mildly.


It would matter less if it was clear that the ESG agencies were doing a good and useful job. Unfortunately, the opposite is the case. ESG scores are all over the place, making them of little use to investors.

Consider Meta, the parent of Facebook. It is a matter of record that Mark Zuckerberg owns about 13% of Meta’s share capital but controls a majority of the votes. There is no independent governance to speak of. Meta is entirely controlled by its founder, for better or for worse.

ESG scores are like a scattergun blast

I naively assumed that every agency would give Meta a zero for governance. I was wrong. At the time of writing, Meta’s governance scores range from zero to 75%. This is just one example, albeit a particularly blatant one. Credit scores tend to be tightly grouped; ESG scores are more like a scattergun blast.

I can think of no good reason why the ESG rating process should be secret. It is arguably of commercial benefit to the agencies in the short term but the obvious reputational risk is likely to cause problems in the long run.

Environmental damage is potentially just as big a risk as nuclear war; it is only the timescale that is different. Sustainability is ultimately about behaviour, not numbers or ratings. If the ESG agencies want to be trusted, they must concede the ability to the rest of us to verify what they are doing.